As part of the growing Technology team in Dublin, Inés Rubio is looking forward to helping clients across EMEA tackle their e-discovery challenges through information governance (IG). With a background in international criminal law and legal technology, Inés brings a combination of technical, legal and strategic problem-solving expertise to the team. We recently interviewed her about her new role at FTI and her plans for supporting the practice’s growth in Ireland.
Inés, you joined FTI Technology from a role as Head of Information Management and Incident Response at another consulting firm. Can you share the highlights of your background and what brought you to FTI?
I studied law at university in Spain and first became interested in e-discovery when working for the International Criminal Court of The Hague. Once I was exposed to the e-discovery process and platforms like Ringtail (now known as Nuix Discover), I became very interested in the world of electronic data as evidence. I moved to Ireland and accepted an e-discovery role, which evolved to include digital forensics, governance, security and privacy responsibilities. I’ve learned over the years that there is a lot of overlap between e-discovery and IG and that corporations can save significant time and cost in e-discovery by proactively addressing gaps in their IG and data privacy practices.
FTI was very appealing to me because of the firm’s focus on technology, and its global reach. I’m Spanish, and while I currently live in Ireland, I appreciate the opportunity to collaborate across borders with different teams throughout the region. I’m also excited about the opportunity to be a part of expanding FTI’s data privacy and IG solutions in Ireland and EMEA more broadly.
What specific work will you be focused on in your new role?
I’ll have a hand in traditional e-discovery work as well as IG engagements. I hold a CIPP/E certification from the IAPP and will be using my knowledge of data privacy issues to support my colleagues Sonia Cheng and Nina Bryant with expanding our privacy, governance and compliance service lines from Dublin. I think we’re going to see an increase in e-discovery and IG work coming together, and I look forward to advising clients in those types of projects.
My broader goal is to help clients understand the value of creating comprehensive, long-term solutions that reduce downstream cost and risk, rather than fixing acute problems in isolation only to see them come up again. I think leveraging IG strategy to reduce future e-discovery burdens is also an opportunity for in-house legal professionals to expand their skills and branch into new areas as their organisations transform.
What are the biggest trends you see impacting clients in Ireland right now?
Data protection is a key issue. GDPR broadened the field of which businesses need to keep track of IG and data privacy. Previously, only certain organisations were required to satisfy regulatory requirements for their data. But now it’s universal. So, the value of sound IG and data protection now resonates with organisations that wouldn’t have invested in it in the past.
In Ireland, I also expect we’ll see an uptick in regulatory investigations, especially across financial institutions. Much like we saw after the financial crisis of 2008, I think many of the events of 2020 will trickle down to trigger lawsuits and investigations and create e-discovery issues over the next six months.
Can you share an anecdote of an interesting case that provided an important lesson?
I recently helped a client in responding to a data subject access request (DSAR) under GDPR. When looking at the scope of data that potentially included the subject’s personal information, we found a legacy system that had been set aside without proper remediation. The system included a petabyte of data, and only roughly two gigabytes were relevant to the DSAR. But the system wasn’t fit for filtering data or exporting select pieces of information. We were able to leverage e-discovery tools to gain access and respond to the DSAR in time, but the takeaway from that exercise was that the organisation had some significant gaps in its approach to IG. This was a prime example of how inadequate governance can introduce problems during a routine e-discovery matter.
Do you have any predictions for the industry?
The use of AI and machine learning varies greatly between organisations. Some might use the technology in all their matters, while others do not find a use case for it. The recently published General Counsel Report 2021 from FTI Consulting and Relativity found that there has not been a significant change in appetite and use of AI and machine learning since 2019. However, the sheer volume of data and sources today may begin to shift these attitudes. I believe we’ll begin to see an increase in adoption as legal teams struggle to handle the growing scale and complexity of their data landscapes.
A key thing for sceptics to remember is the numerous ways machine learning technology can be used, from using it in your upcoming legal matter to protecting your organisation from insider threats. For example, automating the identification of personal data can save time and allow for quick decisions and actions when facing data breaches or managing a privacy programme. To adapt to a changing regulatory landscape, automation can offer solutions around contract clause and data point extraction as part of a workflow to identify and modify contracts and other documents. Organisations could also be proactive when facing threats by using behaviour analytics to automate the detection of insider red flags. As is usually the case with technology, it is always good to increase awareness of what is available and its use cases—it could be a game-changer in a future matter.
What about your life outside of FTI? What are your hobbies and interests?
I love playing sports and took up playing golf about two years ago. I’ve really enjoyed playing and it’s a sport that has come naturally to me, and I recently won a competition.